By the end of the year, spyware programs will have tripled in number, put Firefox in their sights, and have turned to RSS to distribute its key loggers and ad spawners, a security expert said Friday.
Blog
-
Hacking and Enlightenment: Ed and Me on hacking
This is my conversation with ED on my misuse of the word hacker on one of my website:
Whoa, whoa, ED…
I think my wording has completely miss led you. Here is my feeling about hackers:
About Defcon13 and Hackers vs. “Security Pros”:
http://elamb.blogharbor.com/blog/_archives/2005/6/2/904009.html#302474My discussion with Martin about hackers:
http://www.mckeay.net/secure/archives/000450.htmlMy thoughts on hacking and the non believers (at the bottom by Sun Tzu):
http://elamb.blogharbor.com/hacked/igothacked.htmDude, I love hackers. I'd like to consider myself a hacker.. but I
don't feel worthy. I've got the passion but I don't have the gift.
I've already been to the Oracle (bad matrix joke).Perhaps I should reword that article. I believe in taking the
concept of hacking back to its original roots before it was hijacked by
the media. I DO NOT want to contribute to that dogma.The Phisher
used a combination of mail fraud and manipulated email and even set up
a server. He probably got tons of money and merchandise from ebay
customers.Like computer and/or telecommunication devices, I beleive ANY system
can be hacked.. email systems, smoke alarms in Delta air planes, bar
code readers, RFID's, FEDEX, all can be reprogrammed, streamlined,
reverse engineered, exploited and manipulated for good or for evil
purposes.For me, that is what makes hacking so cool. A true “hack” is done upon
gaining a new understanding of a given system. Of course, some hacks
are discovered completely by accident, but the hacks that are done out
of understanding, is like a form of enlightenment.Check it out… Buddha hacked the Universe… (o.k. too much weed).
On 6/13/05, ed <XXX@XXX.com> wrote:hey rob,
this incident has absolutely nothing to do with hackers. it's called “mail
fraud” and “wire fraud”. what computer or telecommunications system was
“hacked” here?please
call a spade a spade: the vast majority of hackers are not
thieves. sure, a few are–but that's like calling all car
drivers “bank getaway car drivers.”you're not helping to solve
the problem by blaming the wrong group of people. you should
be blaming criminals, not hackers–who have nothing to do with your
unfortunate experience.thanks,
-ed
From: ME
Subject: Phisherprice: Phishing on Ebay During the Holidays
Date: 8 May 2005 16:13:28 -0700A
hacker tried to get a free phone using a phishing technique that I had
never heard of. The phisher used a Western Union Auction
Money order form (a fake number) and actually sent me the fedex lable
and had
fedex come to my house to pick up the phone. Even though I didn't have the cash for the phone yet.The Phishing exploit relies on the buyers greed and the feverish haste of holiday spending.
Here is the phishing exploit in detail:
http://elamb.blogharbor.com/hacked/phisherprice.htmrob
http://elamb.org -
Blog RSS Promotion Software – RSS Submit
T. L. Pakii Pierce is a big player in the Blogosphere. Here is one of
his best articles on an RSS promotion software called RSS Submit. It
includes a walk-through instructional video and is followed up by a
STUNNING stream on comments that are practically better than the actual
article. A must read for serious bloggers. -
15 RSS Submissions FREE
Do you use RSS? If you do, then you need to seriously consider
submiting to some RSS directories. Here is a way to knock out
fifteen with the click of a button.Checkout this cool FREE tool created by Thomas Korte, a Google employee.
-
DITSCAP, DIACAP, NICAP, ISP
If you are looking for the acronyms above go to –> http://infoassure.blogspot.com
Most human beings have the luxury of not having to know what the acronyms DITSCAP, DIACAP, NIACAP and ISP mean. I am not one of those human beings.
You know all those times you were at work and the Big Wigs decide to come up with some new ridiculous security rule that is just more hassle; have you ever cursed the stupid, stupid bastards that came up with a web blocker that won't let you visit fark.com, ebaum's world or stileproject… I'm the that stupid, stupid bastard.
But hey, man, don't blame me. Any policy I (or any other System Security Engineer) comes up with usually is and interpretation of a company policy. And usually (at least in my experience) we aren't the ones making the final decisions.
(Sigh) Anyway, bitches…
I try to include some actual Security Engineering in this blog but it just seems a little over the top because most of my readers (who are either techies or N00bies) can not relate and/or don't have a use for.
System Security Engineering has to do with Certification and Accreditation, developing security and business plans, and creating organizational information security policies far Information Systems (boring, boring, booooring stuff… that pays pretty good). It includes all levels of computer security but also deals with things like… operational security.
http://infoassure.blogspot.com will focus on system security engineering.
I'll continue to put the SSE post in this blog but I'll hide most of them in the DITCAP category so my regular elamb.org visitors don't get nauseated.
-
Systm 2 Out!
Systm Episode 2!
http://www.prolexic.com/systm/vid2/systm–0002–mythtv–large.wmv.torrent
http://www.prolexic.com/systm/vid2/systm–0002–mythtv–large.xvid.avi.torrent
http://www.prolexic.com/systm/vid2/systm–0002–mythtv–large.h264.mov.torrent
http://www.prolexic.com/systm/vid2/systm–0002–mythtv–large.theora.ogg.torrent -
Watch and learn how to crack WEP
If you only new the POWER of Linux!
This is step by step tutorial on how to crack Wireless Equivalent Protocol (WEP), which is used to “secure” wireless connections.
http://whoppix.hackingdefined.com/Whoppix-wepcrack.html -
Careful With That News, Eugene
This is an important article by Dan Huard, Co-host of Systm, comparing Slashdot with (user-defined) Digg. Diggs future growth and current content problems are among the most interesting topics discussed.